CVE-2021-43810
published 2021-12-07


Priority: P3 (40)
CVSS 3.1: 6.1 medium (AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N)
Exploit (EPSS): 5.78%, 92.2th percentile
Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable of executing malicious scripts. This issue is patched in version 4.0.12.

Affected

1 range
Vendor: admidio · Product: admidio · Version range: < 4.0.12 · Fixed in: 4.0.12

Detection & IOCs (extracted from sources)

url: {{BaseURL}}/adm_program/system/redirect.php?url=javascript://%250aalert(document.domain)
path: /adm_program/system/redirect.php
  • Send a GET request to /adm_program/system/redirect.php with the url parameter set to javascript://%250aalert(document.domain); a vulnerable response returns HTTP 200 with Content-Type text/html and a body containing 'please click '
  • Match the response body for the string 'please click ' to confirm the XSS reflection point in redirect.php
  • Confirm that the response Content-Type header is text/html alongside the body match to reduce false positives
  • The vulnerability is only present in Admidio versions prior to 4.0.12; version 4.0.12 and later are patched
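As an added example (not part of this record or of the Admidio project), the Python below runs over constructed Apache-style access-log lines and flags requests to redirect.php whose url parameter does not resolve to a site-relative path or an absolute http(s) URL; the same validator shows the kind of input check the description says redirect.php lacked before 4.0.12. The double-decoding step matters because the probe above double-encodes a newline (%250a) to get past a single-pass filter.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (not taken from the page). The first
# mirrors the probe described above; the third is an obfuscated variant.
SAMPLE_LOG = """\
203.0.113.5 - - [07/Dec/2021:10:00:01 +0000] "GET /adm_program/system/redirect.php?url=javascript://%250aalert(document.domain) HTTP/1.1" 200 512
203.0.113.6 - - [07/Dec/2021:10:00:02 +0000] "GET /adm_program/system/redirect.php?url=https://example.org/events HTTP/1.1" 302 0
203.0.113.7 - - [07/Dec/2021:10:00:03 +0000] "GET /adm_program/system/redirect.php?url=%20JaVaScRiPt%3Aalert(1) HTTP/1.1" 200 512
203.0.113.8 - - [07/Dec/2021:10:00:04 +0000] "GET /adm_program/index.php HTTP/1.1" 200 2048
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/')
ALLOWED_SCHEMES = {"http", "https"}

def fully_decode(value, max_rounds=3):
    """Percent-decode until stable so double encoding (%250a -> %0a -> newline) is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def redirect_target_is_safe(url):
    """Allow only site-relative paths or absolute http(s) URLs; reject javascript:, data:, protocol-relative, etc."""
    target = fully_decode(url)
    # Drop ASCII control characters and spaces, which browsers ignore while parsing a scheme
    target = "".join(ch for ch in target if ord(ch) > 0x20)
    scheme = urlsplit(target).scheme.lower()
    if scheme == "":
        return target.startswith("/") and not target.startswith("//")
    return scheme in ALLOWED_SCHEMES

def find_suspicious_redirects(log_text):
    """Return (client_ip, decoded_url_param) for redirect.php requests whose url parameter is unsafe."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        request = urlsplit(match.group(1))
        if not request.path.endswith("/adm_program/system/redirect.php"):
            continue
        for url in parse_qs(request.query).get("url", []):
            if not redirect_target_is_safe(url):
                hits.append((line.split()[0], fully_decode(url)))
    return hits
```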

CVSS provenance

NVD, CVSS v3.1: 6.1 MEDIUM, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
NVD, CVSS v2.0: 4.3 MEDIUM, vector AV:N/AC:M/Au:N/C:N/I:P/A:N